From 56637d4d58f2ed9dba6dd600389d7a368f7d6925 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Thu, 20 Jun 2019 16:56:19 -0700 Subject: [PATCH] More Intel AMT ACM improvements. --- agents/meshcore.js | 6 +-- agents/meshcore.min.js | 6 +-- agents/modules_meshcore/amt-manage.js | 38 +++++-------------- agents/modules_meshcore_min/amt-manage.min.js | 2 +- views/default-min.handlebars | 8 +++- views/default.handlebars | 8 +++- 6 files changed, 29 insertions(+), 39 deletions(-) diff --git a/agents/meshcore.js b/agents/meshcore.js index 157a2fa7..29910339 100644 --- a/agents/meshcore.js +++ b/agents/meshcore.js @@ -754,7 +754,7 @@ function createMeshCore(agent) // Store the latest Intel AMT policy amtPolicy = data.amtPolicy; if (data.amtPolicy != null) { db.Put('amtPolicy', JSON.stringify(data.amtPolicy)); } else { db.Put('amtPolicy', null); } - if (amt != null) { amt.setPolicy(amtPolicy); } + if (amt != null) { amt.setPolicy(amtPolicy, true); } break; } case 'getScript': { @@ -1533,7 +1533,7 @@ function createMeshCore(agent) var response = null; switch (cmd) { case 'help': { // Displays available commands - response = 'Available commands: help, info, osinfo,args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget,\r\nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi,\r\nscanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm, amtdeactivate,\r\namtpolicy, getscript, getclip, setclip.'; + response = 'Available commands: help, info, osinfo, args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget,\r\nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi,\r\nscanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm,\r\namtdeactivate, amtpolicy, getscript, getclip, setclip.'; break; } /* @@ -2067,7 +2067,7 @@ function createMeshCore(agent) if (typeof text == 'object') { text = JSON.stringify(text); } mesh.SendCommand({ "action": "msg", "type": "console", "value": text, "sessionid": sessionid }); } - + // Called before the process exits //process.exit = function (code) { console.log("Exit with code: " + code.toString()); } diff --git a/agents/meshcore.min.js b/agents/meshcore.min.js index 157a2fa7..29910339 100644 --- a/agents/meshcore.min.js +++ b/agents/meshcore.min.js @@ -754,7 +754,7 @@ function createMeshCore(agent) // Store the latest Intel AMT policy amtPolicy = data.amtPolicy; if (data.amtPolicy != null) { db.Put('amtPolicy', JSON.stringify(data.amtPolicy)); } else { db.Put('amtPolicy', null); } - if (amt != null) { amt.setPolicy(amtPolicy); } + if (amt != null) { amt.setPolicy(amtPolicy, true); } break; } case 'getScript': { @@ -1533,7 +1533,7 @@ function createMeshCore(agent) var response = null; switch (cmd) { case 'help': { // Displays available commands - response = 'Available commands: help, info, osinfo,args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget,\r\nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi,\r\nscanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm, amtdeactivate,\r\namtpolicy, getscript, getclip, setclip.'; + response = 'Available commands: help, info, osinfo, args, print, type, dbget, dbset, dbcompact, eval, parseuri, httpget,\r\nwslist, wsconnect, wssend, wsclose, notify, ls, ps, kill, amt, netinfo, location, power, wakeonlan, scanwifi,\r\nscanamt, setdebug, smbios, rawsmbios, toast, lock, users, sendcaps, openurl, amtreset, amtccm, amtacm,\r\namtdeactivate, amtpolicy, getscript, getclip, setclip.'; break; } /* @@ -2067,7 +2067,7 @@ function createMeshCore(agent) if (typeof text == 'object') { text = JSON.stringify(text); } mesh.SendCommand({ "action": "msg", "type": "console", "value": text, "sessionid": sessionid }); } - + // Called before the process exits //process.exit = function (code) { console.log("Exit with code: " + code.toString()); } diff --git a/agents/modules_meshcore/amt-manage.js b/agents/modules_meshcore/amt-manage.js index 5377d0a9..7b7389a5 100644 --- a/agents/modules_meshcore/amt-manage.js +++ b/agents/modules_meshcore/amt-manage.js @@ -42,10 +42,10 @@ function AmtManager(agent, db, isdebug) { obj.setDebug = function (x) { isdebug = x; } // Set current Intel AMT activation policy - obj.setPolicy = function (policy) { - if (JSON.stringify(amtpolicy) != JSON.stringify(policy)) { + obj.setPolicy = function (policy, forceApply) { + if (forceApply || (JSON.stringify(amtpolicy) != JSON.stringify(policy))) { amtpolicy = policy; - if (applyPolicyTimer == null) { obj.applyPolicy(); } + if (applyPolicyTimer == null) { applyPolicyTimer = setTimeout(obj.applyPolicy, 8000); } } } @@ -58,7 +58,7 @@ function AmtManager(agent, db, isdebug) { try { var amtMeiLib = require('amt-mei'); amtMei = new amtMeiLib(); - amtMei.on('error', function (e) { debug('MEI error'); amtMei = null; amtMeiState = -1; obj.state = -1; obj.onStateChange(amtMeiState); }); + amtMei.on('error', function (e) { debug('MEI error'); amtMei = null; amtMeiState = -1; obj.state = -1; if (obj.onStateChange != null) { obj.onStateChange(amtMeiState); } }); amtMei.getVersion(function (result) { if (result == null) { amtMeiState = -1; @@ -455,11 +455,8 @@ function AmtManager(agent, db, isdebug) { // obj.activeToACM = function (mestate) { - //debug('TrustedHashes: ' + JSON.stringify(trustedHashes)); - //debug('ProvisioningState: ' + JSON.stringify(mestate.ProvisioningState)); if ((mestate.ProvisioningState != 0) || (amtpolicy == null) || (amtpolicy.match == null)) return; // Can't activate unless in "PRE" activation mode & policy is present. var trustedFqdn = null; - //debug('Wired Interface: ' + JSON.stringify(mestate.net0)); if ((mestate.net0 == null) && (mestate.net0.enabled != 0)) return; // Can't activate unless wired interface is active if (mestate.DNS) { trustedFqdn = mestate.DNS; } // If Intel AMT has a trusted DNS suffix set, use that one. else { @@ -471,41 +468,31 @@ function AmtManager(agent, db, isdebug) { } } } - //debug('TrustedFqdn: ' + trustedFqdn); if (trustedFqdn == null) return; // No trusted DNS suffix. // Check if we have a ACM policy match var hashMatch = null; for (var i in amtpolicy.match) { var m = amtpolicy.match[i]; if (m.cn == trustedFqdn) { for (var j in trustedHashes) { if ((trustedHashes[j] == m.sha256) || (trustedHashes[j] == m.sha1)) { hashMatch = trustedHashes[j]; } } } } if (hashMatch == null) return; // No certificate / FQDN match - //debug('Policy: ' + JSON.stringify(amtpolicy)); - //debug('HashMatch: ' + hashMatch); // Fetch Intel AMT realm and activation nonce and get ready to ACM activation... if (osamtstack != null) { - //debug('Trying to get Intel AMT activation information (1)...'); osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch, uuid: mestate.UUID }); } else { - //debug('ACM Activation: Trying to get local account info...'); amtMei.getLocalSystemAccount(function (x) { if ((x != null) && x.user && x.pass) { - //debug('Intel AMT local account info: User=' + x.user + ', Pass=' + x.pass + '.'); var transport = require('amt-wsman-duk'); var wsman = require('amt-wsman'); var amt = require('amt'); oswsstack = new wsman(transport, '127.0.0.1', 16992, x.user, x.pass, false); osamtstack = new amt(oswsstack); - //debug('Trying to get Intel AMT activation information (2)...'); osamtstack.BatchEnum(null, ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService'], activeToACM2, { fqdn: trustedFqdn, hash: hashMatch, uuid: mestate.UUID }); - } else { - //debug('Unable to get $$OsAdmin password.'); } }); } } function activeToACM2(stack, name, responses, status, tag) { - //debug('activeToACM2 status=' + status); if (status != 200) return; var fwNonce = responses['IPS_HostBasedSetupService'].response['ConfigurationNonce']; var digestRealm = responses['AMT_GeneralSettings'].response['DigestRealm']; @@ -513,29 +500,24 @@ function AmtManager(agent, db, isdebug) { } // Called when the server responds with a ACM activation signature. - obj.setAcmResponse = function (acmdata) { - //debug('setAcmResponse=' + JSON.stringify(acmdata)); - acmdata.index = 0; - performAcmActivation(acmdata); - } + obj.setAcmResponse = function (acmdata) { acmdata.index = 0; performAcmActivation(acmdata); } // Recursive function to inject the provisioning certificates into AMT in the proper order and completes ACM activation function performAcmActivation(acmdata) { - //debug('performAcmActivation(' + JSON.stringify(acmdata) + ')'); var leaf = (acmdata.index == 0), root = (acmdata.index == (acmdata.certs.length - 1)); if ((acmdata.index < acmdata.certs.length) && (acmdata.certs[acmdata.index] != null)) { - //debug('Calling AddNextCertInChain(' + acmdata.index + ', ' + acmdata.certs[acmdata.index] + ')'); osamtstack.IPS_HostBasedSetupService_AddNextCertInChain(acmdata.certs[acmdata.index], leaf, root, function (stack, name, responses, status) { if (status !== 200) { debug('AddNextCertInChain status=' + status); return; } else if (responses['Body']['ReturnValue'] !== 0) { debug('AddNextCertInChain error=' + responses['Body']['ReturnValue']); return; } else { acmdata.index++; performAcmActivation(acmdata); } }); } else { - debug('Calling AdminSetup() ' + JSON.stringify(acmdata)); osamtstack.IPS_HostBasedSetupService_AdminSetup(2, acmdata.password, acmdata.nonce, 2, acmdata.signature, function (stack, name, responses, status) { - debug('AdminSetup Status: ' + status); - if (status == 200) { debug('AdminSetup ReturnValue: ' + responses['Body']['ReturnValue']); } + if ((status == 200) && (responses['Body']['ReturnValue'] == 0)) { + // ACM activation success, force an update to the server so it can get our new state. + if (obj.onStateChange != null) { obj.onStateChange(2); } + } } ); } @@ -628,7 +610,7 @@ function AmtManager(agent, db, isdebug) { var wsmanQuery = ['*AMT_GeneralSettings', '*IPS_HostBasedSetupService', '*AMT_RedirectionService', '*CIM_KVMRedirectionSAP', 'AMT_PublicKeyCertificate', '*AMT_EnvironmentDetectionSettingData']; if (amtpolicy.cirasetup == 2) { wsmanQuery.push("AMT_ManagementPresenceRemoteSAP", "AMT_RemoteAccessCredentialContext", "AMT_RemoteAccessPolicyAppliesToMPS", "AMT_RemoteAccessPolicyRule", "*AMT_UserInitiatedConnectionService", "AMT_MPSUsernamePassword"); } try { amtstack.BatchEnum(null, wsmanQuery, wsmanPassTestResponse); } catch (ex) { debug(ex); } - } else if ((amtpolicy.type == 3) && (meinfo.ProvisioningState == 0)) { + } else if ((amtpolicy.type == 3) && (meinfo.ProvisioningState == 0) && (agent.isControlChannelConnected)) { // ACM Activation Policy obj.getTrustedHashes(obj.activeToACM, meinfo); } else { diff --git a/agents/modules_meshcore_min/amt-manage.min.js b/agents/modules_meshcore_min/amt-manage.min.js index 4e44fa0b..90ae0ea6 100644 --- a/agents/modules_meshcore_min/amt-manage.min.js +++ b/agents/modules_meshcore_min/amt-manage.min.js @@ -1 +1 @@ -function AmtManager(d,q,v){var M=function(T){d.SendCommand({action:"msg",type:"console",value:T})};var r=function(T){if(v){M("amt-manager: "+T+"
")}};var h=null,i=0;var f=null,g=0;var e=null;var H=null;var G=null;var k=null;var F=this;var E;var O=null;F.state=0;F.lmsstate=0;F.onStateChange=null;F.setDebug=function(T){v=T};F.setPolicy=function(T){if(JSON.stringify(k)!=JSON.stringify(T)){k=T;if(m==null){F.applyPolicy()}}};var L=0;F.reset=function(){++L;h=null,i=0,f=null,g=0,F.state=0,F.lmsstate=0;try{var T=require("amt-mei");h=new T();h.on("error",function(V){r("MEI error");h=null;i=-1;F.state=-1;F.onStateChange(i)});h.getVersion(function(V){if(V==null){i=-1;F.state=-1;if(F.onStateChange!=null){F.onStateChange(i)}if(L<10){setTimeout(F.reset,10000)}}else{e=V;i=2;F.state=2;L=0;if(F.onStateChange!=null){F.onStateChange(i)}F.lmsreset()}})}catch(U){r("MEI exception: "+U);h=null;i=-1;F.state=-1}};var j=null;F.getAmtInfo=function(U){if((h==null)||(i<2)){if(U!=null){U(null)}return}try{j={Flags:0};h.getProtocolVersion(function(V){if(V!=null){j.MeiVersion=V}});h.getVersion(function(V){if(V){j.Versions={};for(var W in V.Versions){j.Versions[V.Versions[W].Description]=V.Versions[W].Version}}});h.getProvisioningMode(function(V){if(V){j.ProvisioningMode=V.mode}});h.getProvisioningState(function(V){if(V){j.ProvisioningState=V.state}});h.getEHBCState(function(V){if((V!=null)&&(V.EHBC==true)){j.Flags+=1}});h.getControlMode(function(V){if(V!=null){if(V.controlMode==1){j.Flags+=2}if(V.controlMode==2){j.Flags+=4}}});h.getLanInterfaceSettings(0,function(V){if(V){j.net0=V}});h.getLanInterfaceSettings(1,function(V){if(V){j.net1=V}});h.getUuid(function(V){if((V!=null)&&(V.uuid!=null)){j.UUID=V.uuid}});h.getDnsSuffix(function(V){if(V!=null){j.DNS=V}if(U!=null){U(j)}})}catch(T){if(U!=null){U(null)}return}};var t=function(W){if((W==null)||(W.Body==null)||(W.Body.MessageID==null)||(W.Body.MessageArguments==null)){return null}var T=W.Body.MessageID,U=W.Body.MessageArguments[0],V=null;switch(T){case"iAMT0050":if(U=="48"){V="Intel® AMT Serial-over-LAN connected"}else{if(U=="49"){V="Intel® AMT Serial-over-LAN disconnected"}}break;case"iAMT0052":if(U=="1"){V="Intel® AMT KVM connected"}else{if(U=="2"){V="Intel® AMT KVM disconnected"}}break;default:break}if(V!=null){d.SendCommand({action:"msg",type:"notify",value:V,tag:"general"})}};F.lmsreset=function(){var T=null,U=0;F.lmsstate=0;try{var W=require("amt-lme");U=1;F.lmsstate=1;T=new W();T.on("error",function(X){U=0;F.lmsstate=0;T=null;r("LMS error");N(1)});T.on("connect",function(){U=2;F.lmsstate=2;r("LMS connected");N(2)});T.on("notify",function(Y,Z,aa,X){if(X=="iAMT0052-3"){y()}else{t(Y)}})}catch(V){U=-1;F.lmsstate=-1;T=null}};var N=function(T){if((h==null)||(i<2)||(e==null)){return}h.getLocalSystemAccount(function(aa){if(aa==null){return}var Y=require("amt-wsman-duk");var Z=require("amt-wsman");var U=require("amt");H=new Z(Y,"127.0.0.1",16992,aa.user,aa.pass,false);G=new U(H);i=3;F.state=3;if(F.onStateChange!=null){F.onStateChange(i)}if(m==null){F.applyPolicy()}var V=null;try{for(var X in e.Versions){if(e.Versions[X].Description=="AMT"){V=parseInt(e.Versions[X].Version.split(".")[0])}}}catch(W){}if((V!=null)&&(V>=12)){y("skip");F.kvmTempTimer=setInterval(function(){y()},2000);A(JSON.stringify({action:"restart",ver:1}))}})};var y=function(T){G.IPS_KVMRedirectionSettingData_DataChannelRead(F.kvmDataGetResponse,T)};var x=function(W,U,V,X,Y){if((Y!="skip")&&(X==200)&&(V.Body.ReturnValue==0)){var Z=null;try{Z=Buffer.from(V.Body.DataMessage,"base64").toString()}catch(T){return}if(Z!=null){F.kvmProcessData(V.Body.RealmsBitmap,V.Body.MessageId,Z)}}};var Q=null;var z=function(W,V,Y){var T=null;try{T=JSON.parse(Y)}catch(U){}if((T!=null)&&(T.action)){if(T.action=="present"){A(JSON.stringify({action:"present",ver:1,platform:process.platform}))}if(T.action=="offer"){Q={};var X=require("ILibWebRTC");Q.webrtc=X.createConnection();Q.webrtc.on("connected",function(){});Q.webrtc.on("disconnected",function(){F.webRtcCleanUp()});Q.webrtc.on("dataChannel",function(Z){Q.rtcchannel=Z;Q.kvm=mesh.getRemoteDesktopStream();Q.kvm.pipe(Q.rtcchannel,{dataTypeSkip:1,end:false});Q.rtcchannel.on("end",function(){F.webRtcCleanUp()});Q.rtcchannel.on("data",function(aa){F.kvmCtrlData(this,aa)});Q.rtcchannel.pipe(Q.kvm,{dataTypeSkip:1,end:false})});A(JSON.stringify({action:"answer",ver:1,sdp:Q.webrtc.setOffer(T.sdp)}))}}};var w=function(U,W){if(W.length>0&&W.charCodeAt(0)!=123){if(F.fileupload!=null){W=Buffer.from(W,"base64");var ac=W.readUInt32BE(0);if((ac==16777216)||(ac==16777217)){fs.writeSync(F.fileupload.fp,W.slice(4));U.write({action:"upload",sub:"ack",reqid:F.fileupload.reqid});if(ac==16777217){fs.closeSync(F.fileupload.fp);F.fileupload=null}}}return}r("KVM Ctrl Data: "+W);try{W=JSON.parse(W)}catch(Z){r("Invalid JSON: "+W);return}if((W.path!=null)&&(process.platform!="win32")&&(W.path[0]!="/")){W.path="/"+W.path}switch(W.action){case"ping":U.write({action:"pong"});break;case"lock":if(process.platform=="win32"){var V=require("child_process");V.execFile(process.env.windir+"\\system32\\cmd.exe",["/c","RunDll32.exe user32.dll,LockWorkStation"],{type:1})}break;case"ls":var af=getDirectoryInfo(W.path);if(W.reqid!=undefined){af.reqid=W.reqid}U.write(af);break;case"mkdir":fs.mkdirSync(W.path);break;case"rm":for(var ad in W.delfiles){var ab=I.join(W.path,W.delfiles[ad]);try{fs.unlinkSync(ab)}catch(Y){r(Y)}}break;case"rename":try{fs.renameSync(I.join(W.path,W.oldname),I.join(W.path,W.newname))}catch(Y){r(Y)}break;case"download":var ah=0;if(W.sub=="start"){if(F.filedownload!=null){U.write({action:"download",sub:"cancel",id:F.filedownload.id});delete F.filedownload}F.filedownload={id:W.id,path:W.path,ptr:0};try{F.filedownload.f=fs.openSync(F.filedownload.path,"rbN")}catch(Y){U.write({action:"download",sub:"cancel",id:F.filedownload.id});delete F.filedownload}if(F.filedownload){U.write({action:"download",sub:"start",id:W.id})}}else{if((F.filedownload!=null)&&(W.id==F.filedownload.id)){if(W.sub=="startack"){ah=8}else{if(W.sub=="stop"){delete F.filedownload}else{if(W.sub=="ack"){ah=1}}}}}while(ah>0){ah--;var T=Buffer.alloc(4096);var ae=fs.readSync(F.filedownload.f,T,4,4092,null);F.filedownload.ptr+=ae;if(ae<4092){T.writeInt32BE(16777217,0);fs.closeSync(F.filedownload.f);delete F.filedownload;ah=0}else{T.writeInt32BE(16777216,0)}U.write(T.slice(0,ae+4).toString("base64"))}break;case"upload":if(W.sub=="start"){if(F.fileupload!=null){fs.closeSync(F.fileupload.fp)}if(!W.path||!W.name){break}F.fileupload={reqid:W.reqid};var aa=I.join(W.path,W.name);try{F.fileupload.fp=fs.openSync(aa,"wbN")}catch(Y){}if(F.fileupload.fp){U.write({action:"upload",sub:"start",reqid:F.fileupload.reqid})}else{F.fileupload=null;U.write({action:"upload",sub:"error",reqid:F.fileupload.reqid})}}else{if(W.sub=="cancel"){if(F.fileupload!=null){fs.closeSync(F.fileupload.fp);F.fileupload=null}}}break;case"copy":for(var ad in W.names){var ag=I.join(W.scpath,W.names[ad]),X=I.join(W.dspath,W.names[ad]);if(ag!=X){try{fs.copyFileSync(ag,X)}catch(Y){}}}break;case"move":for(var ad in W.names){var ag=I.join(W.scpath,W.names[ad]),X=I.join(W.dspath,W.names[ad]);if(ag!=X){try{fs.copyFileSync(ag,X);fs.unlinkSync(ag)}catch(Y){}}}break;default:r("Invalid KVM command: "+W);break}};var P=function(){r("webRtcCleanUp");if(Q==null){return}if(Q.rtcchannel){try{Q.rtcchannel.close()}catch(T){}try{Q.rtcchannel.removeAllListeners("data")}catch(T){}try{Q.rtcchannel.removeAllListeners("end")}catch(T){}delete Q.rtcchannel}if(Q.webrtc){try{Q.webrtc.close()}catch(T){}try{Q.webrtc.removeAllListeners("connected")}catch(T){}try{Q.webrtc.removeAllListeners("disconnected")}catch(T){}try{Q.webrtc.removeAllListeners("dataChannel")}catch(T){}delete Q.webrtc}if(Q.kvm){try{Q.kvm.end()}catch(T){}delete Q.kvm}Q=null};var A=function(T){G.IPS_KVMRedirectionSettingData_DataChannelWrite(Buffer.from(T).toString("base64"),function(){})};var s=function(T,U){if(fs.existsSync(T)){if(U==true){fs.readdirSync(F.path.join(T,"*")).forEach(function(W,X){var V=F.path.join(T,W);if(fs.statSync(V).isDirectory()){s(V,true)}else{fs.unlinkSync(V)}})}fs.unlinkSync(T)}};var I={join:function(){var V=[];for(var T in arguments){var U=arguments[T];if(U!=null){while(U.endsWith("/")||U.endsWith("\\")){U=U.substring(0,U.length-1)}if(T!=0){while(U.startsWith("/")||U.startsWith("\\")){U=U.substring(1)}}V.push(U)}}if(V.length==0){return"/"}return V.join("/")}};function D(T){return require("MD5Stream").create().syncHash(T).toString("hex")}F.deactivateCCM=function(){h.unprovision(1,function(T){if(T==0){r("Success deactivating Intel AMT CCM.");d.SendCommand({action:"coreinfo",intelamt:{state:0,flags:0}});m=setTimeout(F.applyPolicy,8000)}else{r("Intel AMT CCM deactivation error: "+T)}})};F.getTrustedHashes=function(T,U){if(O!=null){T(U)}O=[];h.getHashHandles(function(W){var V=W.length;for(var X=0;X";l.AMT_RemoteAccessService_AddRemoteAccessPolicyRule(2,0,"AAAAAAAAAAo=",[U],null,function(Y,W,X,Z){if(Z!=200){r("Add AddRemoteAccessPolicyRule Error "+Z)}else{o(T)}})}function o(T){var V=[];if((k.ciraserver!=null)&&(k.ciraserver.home!=null)){V=k.ciraserver.home}var U=T.AMT_EnvironmentDetectionSettingData.response;U.DetectionStrings=C(U.DetectionStrings);if(p(U.DetectionStrings,V)==false){U.DetectionStrings=V;l.Put("AMT_EnvironmentDetectionSettingData",U,function(Y,W,X,Z){if(Z!=200){r("Put AMT_EnvironmentDetectionSettingData Error "+Z)}},0,1)}}function p(T,U){if(T==U){return true}if(T==null){T=[]}if(U==null){U=[]}if(T.length!=U.length){return false}for(var V in T){if(U.indexOf(T[V])==-1){return false}}return true}function C(T){if(!T||T==null||typeof T=="object"){return T}return[T]}}module.exports=AmtManager; \ No newline at end of file +function AmtManager(d,q,v){var M=function(T){d.SendCommand({action:"msg",type:"console",value:T})};var r=function(T){if(v){M("amt-manager: "+T+"
")}};var h=null,i=0;var f=null,g=0;var e=null;var H=null;var G=null;var k=null;var F=this;var E;var O=null;F.state=0;F.lmsstate=0;F.onStateChange=null;F.setDebug=function(T){v=T};F.setPolicy=function(U,T){if(T||(JSON.stringify(k)!=JSON.stringify(U))){k=U;if(m==null){m=setTimeout(F.applyPolicy,8000)}}};var L=0;F.reset=function(){++L;h=null,i=0,f=null,g=0,F.state=0,F.lmsstate=0;try{var T=require("amt-mei");h=new T();h.on("error",function(V){r("MEI error");h=null;i=-1;F.state=-1;if(F.onStateChange!=null){F.onStateChange(i)}});h.getVersion(function(V){if(V==null){i=-1;F.state=-1;if(F.onStateChange!=null){F.onStateChange(i)}if(L<10){setTimeout(F.reset,10000)}}else{e=V;i=2;F.state=2;L=0;if(F.onStateChange!=null){F.onStateChange(i)}F.lmsreset()}})}catch(U){r("MEI exception: "+U);h=null;i=-1;F.state=-1}};var j=null;F.getAmtInfo=function(U){if((h==null)||(i<2)){if(U!=null){U(null)}return}try{j={Flags:0};h.getProtocolVersion(function(V){if(V!=null){j.MeiVersion=V}});h.getVersion(function(V){if(V){j.Versions={};for(var W in V.Versions){j.Versions[V.Versions[W].Description]=V.Versions[W].Version}}});h.getProvisioningMode(function(V){if(V){j.ProvisioningMode=V.mode}});h.getProvisioningState(function(V){if(V){j.ProvisioningState=V.state}});h.getEHBCState(function(V){if((V!=null)&&(V.EHBC==true)){j.Flags+=1}});h.getControlMode(function(V){if(V!=null){if(V.controlMode==1){j.Flags+=2}if(V.controlMode==2){j.Flags+=4}}});h.getLanInterfaceSettings(0,function(V){if(V){j.net0=V}});h.getLanInterfaceSettings(1,function(V){if(V){j.net1=V}});h.getUuid(function(V){if((V!=null)&&(V.uuid!=null)){j.UUID=V.uuid}});h.getDnsSuffix(function(V){if(V!=null){j.DNS=V}if(U!=null){U(j)}})}catch(T){if(U!=null){U(null)}return}};var t=function(W){if((W==null)||(W.Body==null)||(W.Body.MessageID==null)||(W.Body.MessageArguments==null)){return null}var T=W.Body.MessageID,U=W.Body.MessageArguments[0],V=null;switch(T){case"iAMT0050":if(U=="48"){V="Intel® AMT Serial-over-LAN connected"}else{if(U=="49"){V="Intel® AMT Serial-over-LAN disconnected"}}break;case"iAMT0052":if(U=="1"){V="Intel® AMT KVM connected"}else{if(U=="2"){V="Intel® AMT KVM disconnected"}}break;default:break}if(V!=null){d.SendCommand({action:"msg",type:"notify",value:V,tag:"general"})}};F.lmsreset=function(){var T=null,U=0;F.lmsstate=0;try{var W=require("amt-lme");U=1;F.lmsstate=1;T=new W();T.on("error",function(X){U=0;F.lmsstate=0;T=null;r("LMS error");N(1)});T.on("connect",function(){U=2;F.lmsstate=2;r("LMS connected");N(2)});T.on("notify",function(Y,Z,aa,X){if(X=="iAMT0052-3"){y()}else{t(Y)}})}catch(V){U=-1;F.lmsstate=-1;T=null}};var N=function(T){if((h==null)||(i<2)||(e==null)){return}h.getLocalSystemAccount(function(aa){if(aa==null){return}var Y=require("amt-wsman-duk");var Z=require("amt-wsman");var U=require("amt");H=new Z(Y,"127.0.0.1",16992,aa.user,aa.pass,false);G=new U(H);i=3;F.state=3;if(F.onStateChange!=null){F.onStateChange(i)}if(m==null){F.applyPolicy()}var V=null;try{for(var X in e.Versions){if(e.Versions[X].Description=="AMT"){V=parseInt(e.Versions[X].Version.split(".")[0])}}}catch(W){}if((V!=null)&&(V>=12)){y("skip");F.kvmTempTimer=setInterval(function(){y()},2000);A(JSON.stringify({action:"restart",ver:1}))}})};var y=function(T){G.IPS_KVMRedirectionSettingData_DataChannelRead(F.kvmDataGetResponse,T)};var x=function(W,U,V,X,Y){if((Y!="skip")&&(X==200)&&(V.Body.ReturnValue==0)){var Z=null;try{Z=Buffer.from(V.Body.DataMessage,"base64").toString()}catch(T){return}if(Z!=null){F.kvmProcessData(V.Body.RealmsBitmap,V.Body.MessageId,Z)}}};var Q=null;var z=function(W,V,Y){var T=null;try{T=JSON.parse(Y)}catch(U){}if((T!=null)&&(T.action)){if(T.action=="present"){A(JSON.stringify({action:"present",ver:1,platform:process.platform}))}if(T.action=="offer"){Q={};var X=require("ILibWebRTC");Q.webrtc=X.createConnection();Q.webrtc.on("connected",function(){});Q.webrtc.on("disconnected",function(){F.webRtcCleanUp()});Q.webrtc.on("dataChannel",function(Z){Q.rtcchannel=Z;Q.kvm=mesh.getRemoteDesktopStream();Q.kvm.pipe(Q.rtcchannel,{dataTypeSkip:1,end:false});Q.rtcchannel.on("end",function(){F.webRtcCleanUp()});Q.rtcchannel.on("data",function(aa){F.kvmCtrlData(this,aa)});Q.rtcchannel.pipe(Q.kvm,{dataTypeSkip:1,end:false})});A(JSON.stringify({action:"answer",ver:1,sdp:Q.webrtc.setOffer(T.sdp)}))}}};var w=function(U,W){if(W.length>0&&W.charCodeAt(0)!=123){if(F.fileupload!=null){W=Buffer.from(W,"base64");var ac=W.readUInt32BE(0);if((ac==16777216)||(ac==16777217)){fs.writeSync(F.fileupload.fp,W.slice(4));U.write({action:"upload",sub:"ack",reqid:F.fileupload.reqid});if(ac==16777217){fs.closeSync(F.fileupload.fp);F.fileupload=null}}}return}r("KVM Ctrl Data: "+W);try{W=JSON.parse(W)}catch(Z){r("Invalid JSON: "+W);return}if((W.path!=null)&&(process.platform!="win32")&&(W.path[0]!="/")){W.path="/"+W.path}switch(W.action){case"ping":U.write({action:"pong"});break;case"lock":if(process.platform=="win32"){var V=require("child_process");V.execFile(process.env.windir+"\\system32\\cmd.exe",["/c","RunDll32.exe user32.dll,LockWorkStation"],{type:1})}break;case"ls":var af=getDirectoryInfo(W.path);if(W.reqid!=undefined){af.reqid=W.reqid}U.write(af);break;case"mkdir":fs.mkdirSync(W.path);break;case"rm":for(var ad in W.delfiles){var ab=I.join(W.path,W.delfiles[ad]);try{fs.unlinkSync(ab)}catch(Y){r(Y)}}break;case"rename":try{fs.renameSync(I.join(W.path,W.oldname),I.join(W.path,W.newname))}catch(Y){r(Y)}break;case"download":var ah=0;if(W.sub=="start"){if(F.filedownload!=null){U.write({action:"download",sub:"cancel",id:F.filedownload.id});delete F.filedownload}F.filedownload={id:W.id,path:W.path,ptr:0};try{F.filedownload.f=fs.openSync(F.filedownload.path,"rbN")}catch(Y){U.write({action:"download",sub:"cancel",id:F.filedownload.id});delete F.filedownload}if(F.filedownload){U.write({action:"download",sub:"start",id:W.id})}}else{if((F.filedownload!=null)&&(W.id==F.filedownload.id)){if(W.sub=="startack"){ah=8}else{if(W.sub=="stop"){delete F.filedownload}else{if(W.sub=="ack"){ah=1}}}}}while(ah>0){ah--;var T=Buffer.alloc(4096);var ae=fs.readSync(F.filedownload.f,T,4,4092,null);F.filedownload.ptr+=ae;if(ae<4092){T.writeInt32BE(16777217,0);fs.closeSync(F.filedownload.f);delete F.filedownload;ah=0}else{T.writeInt32BE(16777216,0)}U.write(T.slice(0,ae+4).toString("base64"))}break;case"upload":if(W.sub=="start"){if(F.fileupload!=null){fs.closeSync(F.fileupload.fp)}if(!W.path||!W.name){break}F.fileupload={reqid:W.reqid};var aa=I.join(W.path,W.name);try{F.fileupload.fp=fs.openSync(aa,"wbN")}catch(Y){}if(F.fileupload.fp){U.write({action:"upload",sub:"start",reqid:F.fileupload.reqid})}else{F.fileupload=null;U.write({action:"upload",sub:"error",reqid:F.fileupload.reqid})}}else{if(W.sub=="cancel"){if(F.fileupload!=null){fs.closeSync(F.fileupload.fp);F.fileupload=null}}}break;case"copy":for(var ad in W.names){var ag=I.join(W.scpath,W.names[ad]),X=I.join(W.dspath,W.names[ad]);if(ag!=X){try{fs.copyFileSync(ag,X)}catch(Y){}}}break;case"move":for(var ad in W.names){var ag=I.join(W.scpath,W.names[ad]),X=I.join(W.dspath,W.names[ad]);if(ag!=X){try{fs.copyFileSync(ag,X);fs.unlinkSync(ag)}catch(Y){}}}break;default:r("Invalid KVM command: "+W);break}};var P=function(){r("webRtcCleanUp");if(Q==null){return}if(Q.rtcchannel){try{Q.rtcchannel.close()}catch(T){}try{Q.rtcchannel.removeAllListeners("data")}catch(T){}try{Q.rtcchannel.removeAllListeners("end")}catch(T){}delete Q.rtcchannel}if(Q.webrtc){try{Q.webrtc.close()}catch(T){}try{Q.webrtc.removeAllListeners("connected")}catch(T){}try{Q.webrtc.removeAllListeners("disconnected")}catch(T){}try{Q.webrtc.removeAllListeners("dataChannel")}catch(T){}delete Q.webrtc}if(Q.kvm){try{Q.kvm.end()}catch(T){}delete Q.kvm}Q=null};var A=function(T){G.IPS_KVMRedirectionSettingData_DataChannelWrite(Buffer.from(T).toString("base64"),function(){})};var s=function(T,U){if(fs.existsSync(T)){if(U==true){fs.readdirSync(F.path.join(T,"*")).forEach(function(W,X){var V=F.path.join(T,W);if(fs.statSync(V).isDirectory()){s(V,true)}else{fs.unlinkSync(V)}})}fs.unlinkSync(T)}};var I={join:function(){var V=[];for(var T in arguments){var U=arguments[T];if(U!=null){while(U.endsWith("/")||U.endsWith("\\")){U=U.substring(0,U.length-1)}if(T!=0){while(U.startsWith("/")||U.startsWith("\\")){U=U.substring(1)}}V.push(U)}}if(V.length==0){return"/"}return V.join("/")}};function D(T){return require("MD5Stream").create().syncHash(T).toString("hex")}F.deactivateCCM=function(){h.unprovision(1,function(T){if(T==0){r("Success deactivating Intel AMT CCM.");d.SendCommand({action:"coreinfo",intelamt:{state:0,flags:0}});m=setTimeout(F.applyPolicy,8000)}else{r("Intel AMT CCM deactivation error: "+T)}})};F.getTrustedHashes=function(T,U){if(O!=null){T(U)}O=[];h.getHashHandles(function(W){var V=W.length;for(var X=0;X";l.AMT_RemoteAccessService_AddRemoteAccessPolicyRule(2,0,"AAAAAAAAAAo=",[U],null,function(Y,W,X,Z){if(Z!=200){r("Add AddRemoteAccessPolicyRule Error "+Z)}else{o(T)}})}function o(T){var V=[];if((k.ciraserver!=null)&&(k.ciraserver.home!=null)){V=k.ciraserver.home}var U=T.AMT_EnvironmentDetectionSettingData.response;U.DetectionStrings=C(U.DetectionStrings);if(p(U.DetectionStrings,V)==false){U.DetectionStrings=V;l.Put("AMT_EnvironmentDetectionSettingData",U,function(Y,W,X,Z){if(Z!=200){r("Put AMT_EnvironmentDetectionSettingData Error "+Z)}},0,1)}}function p(T,U){if(T==U){return true}if(T==null){T=[]}if(U==null){U=[]}if(T.length!=U.length){return false}for(var V in T){if(U.indexOf(T[V])==-1){return false}}return true}function C(T){if(!T||T==null||typeof T=="object"){return T}return[T]}}module.exports=AmtManager; \ No newline at end of file diff --git a/views/default-min.handlebars b/views/default-min.handlebars index 67f364f4..b0de8b95 100644 --- a/views/default-min.handlebars +++ b/views/default-min.handlebars @@ -12417,7 +12417,8 @@ var QRCode;!function(){function a(a){this.mode=c.MODE_8BIT_BYTE,this.data=a,this function p20editMeshAmtChange() { var ptype = Q('dp20amtpolicy').value, x = ''; if (ptype >= 2) { - x = addHtmlValue('Password*', '') + x = addHtmlValue('Password*', '') + x += addHtmlValue('Password*', '') if (ptype == 2) { x += addHtmlValue('Password mismatch', ""); } if ((features & 0x400) == 0) { if (ptype == 2) { @@ -12439,7 +12440,10 @@ var QRCode;!function(){function a(a){this.mode=c.MODE_8BIT_BYTE,this.data=a,this function dp20amtValidatePolicy() { var ok = true, ptype = Q('dp20amtpolicy').value; - if (ptype == 2) { var pass = Q('dp20amtpolicypass').value; ok = (pass == '') ? true : passwordcheck(pass); } + if ((ptype == 2) || (ptype == 3)) { + var pass = Q('dp20amtpolicypass').value, pass2 = Q('dp20amtpolicypass2').value; + ok = ((pass === pass2) && ((pass === '') ? true : passwordcheck(pass))); + } QE('idx_dlgOkButton', ok); } diff --git a/views/default.handlebars b/views/default.handlebars index 2610314f..e3752366 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -6362,7 +6362,8 @@ function p20editMeshAmtChange() { var ptype = Q('dp20amtpolicy').value, x = ''; if (ptype >= 2) { - x = addHtmlValue('Password*', '') + x = addHtmlValue('Password*', '') + x += addHtmlValue('Password*', '') if (ptype == 2) { x += addHtmlValue('Password mismatch', ""); } if ((features & 0x400) == 0) { if (ptype == 2) { @@ -6384,7 +6385,10 @@ function dp20amtValidatePolicy() { var ok = true, ptype = Q('dp20amtpolicy').value; - if (ptype == 2) { var pass = Q('dp20amtpolicypass').value; ok = (pass == '') ? true : passwordcheck(pass); } + if ((ptype == 2) || (ptype == 3)) { + var pass = Q('dp20amtpolicypass').value, pass2 = Q('dp20amtpolicypass2').value; + ok = ((pass === pass2) && ((pass === '') ? true : passwordcheck(pass))); + } QE('idx_dlgOkButton', ok); }